{ssh,home/ssh}: include secret configuration
This commit is contained in:
parent
067a97bfbc
commit
de6e83649e
GPG Key ID:
9F2F7D8250F35146
|
|
@ -1,7 +1,15 @@
|
|||
{ config, ... }:
|
||||
{
|
||||
imports = [
|
||||
./home.nix
|
||||
./other.nix
|
||||
./pvv.nix
|
||||
];
|
||||
|
||||
sops.secrets."ssh/secret-config/home" = {
|
||||
sopsFile = ../../../secrets/common.yaml;
|
||||
mode = "0444";
|
||||
};
|
||||
|
||||
programs.ssh.includes = [ config.sops.secrets."ssh/secret-config/home".path ];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -12,6 +12,11 @@ in {
|
|||
# "ssh/nix-builders/isvegg/pub" = { };
|
||||
|
||||
"nix/access-tokens" = { sopsFile = ./../secrets/common.yaml; };
|
||||
|
||||
"ssh/secret-config/global" = {
|
||||
sopsFile = ./../secrets/common.yaml;
|
||||
mode = "0444";
|
||||
};
|
||||
};
|
||||
|
||||
nix = {
|
||||
|
|
@ -102,6 +107,8 @@ in {
|
|||
|
||||
programs.ssh = {
|
||||
extraConfig = ''
|
||||
Include ${config.sops.secrets."ssh/secret-config/global".path}
|
||||
|
||||
Host nix-builder-isvegg
|
||||
HostName isvegg.pvv.ntnu.no
|
||||
User oysteikt
|
||||
|
|
|
|||
|
|
@ -1,6 +1,9 @@
|
|||
nix:
|
||||
access-tokens: ENC[AES256_GCM,data:K1V98nx+w0uoOY9ONDxbaZT9jbEbMqpzyYWaSrQIYfo2bm1HLeTHPqp2rqRFIPu5gD/5SqY2FW4Pak92it4S7o9liiI=,iv:/c6Mr3WQsbW7nBaa5NIG3pzatSyC9UE5zDpKjuD/FG0=,tag:8V344qvOVrgh5XHlinuFyw==,type:str]
|
||||
ssh:
|
||||
secret-config:
|
||||
home: ENC[AES256_GCM,data:eUfhQb6yYYV3951sdwZpA1f8k+79mm1bMYY4EP+tn1g7DEHXG9XHYKPL3FLJMkaaXSWv5jbBZ3zrGodJPMH9VbcFOjvSdz9u56DnmyeR3S7Pwgj1YbELDn9akeVRpjcB1w2k8hn2vNIY1MV4vg==,iv:LQpS168sxPVegrlPJNZrVZE+GsZAMxRSl4EaHO6FFxg=,tag:w5SNj7LkYd+22SbLVbtsDQ==,type:str]
|
||||
global: ""
|
||||
nix-builders:
|
||||
bob:
|
||||
key: ENC[AES256_GCM,data:CfzF32ELxePyls+JgxLRN3HeIyRGnH5G5MRuL23YGZ5DqBqjIjgoL64zzHB2tIn9D8RjUzmYxU7y70mwoej0V/Vr3qHtUkv2tC+XXw0uN4Be9n5iMo52Ovi+ZE4BVkKE94Y98YZtr0IbbjmgYAj+FS30lfld1KydKfmQUhzijIX8zUchL3spFwdxZSFQv2skXetEu9eIGMYeSTd7CSNk72zVONaW5s0cdKH0iLcO27CyzB3qArdn27gBbgn0rHvoaEvEMJGz4h4RHjk+JIU9+PKEqU8LMZOSYmD2wumX9W4s2L+YC5b5CDUvHaP0+n2bilpYCRuBlWMIzrNgkKyszVeNL+UnDM2nl1pF+ymapyrfyOGALuBoFd61uqE94/cCX21DAEB6E7SZtkQI/inKk1Wm7rvKEmTCjpHRNLf2J5i1IeePeHp1/ODHTfWZogtxh/SjpsR/ioGbt2X5yUvX+Xb6Ks35YwNyxVyXYV5azD60oQF/FSFwqNqRiNX/UE7a+FDwFgDoPleDOvJcv/35QZM6c9xYfWtUioKc,iv:LPQ+eJNeuL0SQRr1crRR2t4nZSanOihNrUK0mtdI3so=,tag:GjTZ+VbxYAqNDVg9m3IDVw==,type:str]
|
||||
|
|
@ -35,8 +38,8 @@ sops:
|
|||
cElPYm5qK2lkTWZ1UGd6TU1NV2h4OTgK8Ecv58Ybnc6iYMjtSKTT1fYbNf4yyFgX
|
||||
rjQ2sU8Rqc04MqixnAkF2zSDaaJ0vqwf22MvbO3bYhpqOHwiTMbRLg==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-06-25T18:03:45Z"
|
||||
mac: ENC[AES256_GCM,data:HLm8tiOhW4QtBbAVMen1g451S7cTYF+bN1/4eHZDd1U8UjkbU1yim7m5EZGgZnGw9o5+YvMt08BUXjVLfpIaW7oX9DbQrUr9pxiLpuUM+qtStzYfohnae8BzLF9naNg3oOMYAo3nOWWpcAtLVUoNBtBaD/VI5bvj3VnCbMWQ6pE=,iv:p1wgOGwcfdmvNgwmcSjKZ2c4zpL8138tZ0CD7lgwtZ4=,tag:QKMd/iUZcBrcW5iOsZ/Lbw==,type:str]
|
||||
lastmodified: "2024-06-25T18:25:28Z"
|
||||
mac: ENC[AES256_GCM,data:GGjXTEHVHAWrr0QHc3O4bMpGi1wFge6AbK7XEwRiOqh4W1Zow2CEcfGZxW5TLLayfB9lXemeKtrZWsqBOCXtHkd670KbxxKInE3FvJbjME8ZODAMpknYX4BXBGt6ksC03Tm4ri1JIy1OxDVXG4qb8skNtna4YkIiUf+ErTihakA=,iv:YGKnVl9QCLLTqdQfpiTbv31vEGEoolzMWtyEFvJekYI=,tag:8j+dnOqHfupKTAl1GQ09Mg==,type:str]
|
||||
pgp:
|
||||
- created_at: "2023-05-08T00:49:52Z"
|
||||
enc: |
|
||||
|
|
|
|||
Loading…
Reference in New Issue